Non-volatile memory for anti-cloning and authentication method for the same

ABSTRACT

A method and a non-volatile memory apparatus for cloning prevention is provided. The non-volatile memory apparatus includes an Enhanced Media Identification (EMID) area, which is located in a specific area of the non-volatile memory, and stores an identification for identifying the non-volatile memory; and an EMID encoder for modifying the identification by a preset operation in conjunction with an arbitrary value, wherein the EMID area includes a first area in which reading by an external device is prevented, and a second area in which reading from the non-volatile memory by the external device is permitted in response to a read command.

PRIORITY

This application is a Continuation Application of U.S. patentapplication Ser. No. 13/230,414, which was filed in the U.S. Patent andTrademark Office on Sep. 12, 2011, and claims priority under 35 U.S.C.§119(a) to a Korean Patent Application filed in the Korean IntellectualProperty Office on Sep. 10, 2010 and assigned Serial No.10-2010-0088960, and a Korean Patent Application filed in the KoreanIntellectual Property Office on Oct. 11, 2010 and assigned Serial No.10-2010-0099010, and a Korean Patent Application filed in the KoreanIntellectual Property Office on Sep. 2, 2011 and assigned Serial No.10-2011-0089051, the entire contents of each of which are incorporatedherein by reference.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a non-volatile memory for anti-cloningand an authentication method for the same.

2. Description of the Related Art

As technologies such as Digital Rights Management (DRM) and copyprotection for protecting content are combined with Non-VolatileMemories (NVMs), for protecting the content, technology for encryptingcontent as well as technology for verifying the allowability of HardWare(H/W) of storage devices are required.

Although DRM technology, Content Protection for Recordable Media (CPRM)technology for Secure Digital (SD) cards, and Advanced Access ContentSystem (AACS) technology for media such as Blu-Ray® discs, provide theirown device authentication methods based on Public Key Infrastructure(PKI) or other cryptographic technologies, these authentication methodsmay not provide protection against certain forms of attacks, such ascloning or replicating entire storage devices and fraudulent storagemedium authentication of genuine player devices.

Although technologies for inserting watermarking or fingerprinting intodirectly into a side of hardware itself, such as during the chip designprocess, enable discovery of potential fraudulent clone hardware, suchtechnologies are primarily limited to post-tracing security piracy.Therefore, such technologies may not prevent piracy in advance, thus,these technologies may not be effectively used as methods for verifyingwhether devices have proper permissions while transactions areperformed.

Device authentication methods provided through technologies such as CPRMfor SD cards and AACS for Blu-Ray discs, include methods for storing anidentifier in an area designated as a read-only area at the time ofproducing a storage medium and using the stored identifier for deviceauthentication and content protection by applying a cryptographicscheme, but such authentication may not prevent fraudulent hardwarevendors from easily cloning a large number of authenticated devices.

As described above, currently known authentication methods may notprevent certain attacks, such as when a card fabricator producesmultiple cards having the same security information and/or clonesgenuine or original content in the cards, or when such a card fabricatorproduces clone cards by reading security information and content andinserting the same information in the clone cards for illegaldistribution of content. Current authentication methods are may also bevulnerable to attacks where a malicious controller intercepts anidentifier of a NAND chip by changing the firmware and uses theintercepted identifier for fraudulent authentication.

FIG. 1 is a diagram illustrating fraudulent authentication of aconventional storage medium.

Referring to FIG. 1, an attack of a conventional storage medium may beperformed by recording, at step 130, the security information andcontent stored in a genuine memory card 110 in a clone card 120, andauthenticating, at step 150, a genuine player 140 by manipulating thefirmware of a controller. This attack production of clone cardscontaining illegal content to be placed on the market until the clonecards are totally discarded, thereby inflicting significant financialdamages on content providers and terminal manufacturers.

When value-added content is recorded in storage devices to be soldand/or rented, the built-in security technology may include anti-cloningtechnology for rendering mass illegal hardware cloning ineffective. Toincrease the complexity of the hardware cloning attacks, it is desirableto take advantage of the unique physical properties of each storagedevice, which have low collision probability.

However, taking advantage of all the physical properties of the entirememory may be inefficient, due to the increasing memory sizecorresponding to a few to hundreds of gigabytes, and using predefinedspecific areas may also not be used as anti-cloning technology, becauseuse of the predefined areas may actually reduce the complexity ofcloning attacks.

SUMMARY OF THE INVENTION

An aspect of an embodiment of the present invention is to provide anon-volatile memory as an anti-cloning measure that is robust againstattacks where a clone storage medium is disguised as a storage mediumcontaining genuine content, and an authentication method for the same.

In accordance with one aspect of the present invention, a non-volatilememory for anti-cloning is provided. The non-volatile memory includes anEnhanced Media Identification (EMID) area, which is located in aspecific area of the non-volatile memory, and stores an identificationfor identifying the non-volatile memory; and an EMID encoder formodifying the identification by a preset operation in conjunction withan arbitrary value, wherein the EMID area includes a first area in whichreading by an external device is prevented, and a second area in whichreading from the non-volatile memory by the external device is permittedin response to a read command.

In accordance with another aspect of the present invention, a method forauthenticating a non-volatile memory for anti-cloning is provided. Themethod includes modifying, by a preset operation with an arbitraryvalue, an identification that identifies the non-volatile memory andthat is stored an EMID area located in a specific area of thenon-volatile memory; and transmitting the modified identification to ahost device, wherein the EMID area includes a first area in whichreading by an external device is prevented, and a second area in whichreading from the non-volatile memory by the external device is permittedin response to a read command.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other aspects, features and advantages of certainembodiments of the present invention will be more apparent from thefollowing description taken in conjunction with the accompanyingdrawings, in which:

FIG. 1 is a diagram illustrating fraudulent authentication of aconventional storage medium;

FIG. 2 is a diagram illustrating a technology model for authenticating astorage medium according to an embodiment of the present invention;

FIG. 3 is a diagram illustrating a structure of a storage device duringauthentication of the storage device according to an embodiment of thepresent invention;

FIG. 4 is a diagram schematically illustrating a noise generation schemefor a storage device according to an embodiment of the presentinvention;

FIG. 5 is a diagram illustrating a structure of a non-volatile storagemedium according to an embodiment of the present invention; and

FIG. 6 is a flow diagram illustrating an operation of a storage deviceduring authentication of the storage device according to an embodimentof the present invention.

Throughout the drawings, the same drawing reference numerals will beunderstood to refer to the same elements, features and structures.

DETAILED DESCRIPTION OF EMBODIMENTS OF THE PRESENT INVENTION

Embodiments of the present invention are described in detail herein withreference to the accompanying drawings. In the following description,specific details such as detailed configuration and components arepresented to assist in providing an overall understanding of embodimentsof the present invention. Therefore, it should be apparent to thoseskilled in the art that various changes and modifications of theembodiments described herein can be made without departing from thescope and spirit of the invention. In addition, descriptions ofwell-known functions and constructions are omitted for clarity andconciseness.

According to an embodiment of the present invention, a non-volatilememory for anti-cloning and an authentication method for the same areprovided. To this end, an Enhanced Media Identification (EMID) isinserted in a specific area of a storage medium. The storage medium,which includes means for generating noise in the EMID, adds the noise inthe EMID upon receiving an EMID request, and provides the noise-addedEMID, thereby performing authentication.

A storage media, recording devices, means for generating an EMID duringmanufacturing of player devices, and means for decoding the EMID used inprovided a series of authentication processes in accordance withembodiments of the present invention are described as follows withreference to FIG. 2.

FIG. 2 illustrates a technology model for authenticating a storagemedium according to an embodiment of the present invention.

Referring to FIG. 2, a license authority 210 for determining a storagedevice authentication method according to the present invention, firstdetermines an EMID generator 212 for encoding an ID, an ID decoder 213for decoding the encoded EMID, and a code parameter generator 211 forgenerating code parameters used to determine a decoding scheme.

A content providing entity 220 for providing content by recording thecontent in storage devices, such as a kiosk and/or a content aggregator,may receive the ID decoder 213 determined by the license authority 210and convert decrypted code parameters and a modified (noise-added) EMIDinto the original ID. Through these receiving and converting operations,the content providing entity 220 authenticates physical identifiers ofstorage devices, binds genuine content to the authenticated physicalidentifiers, and records the bound genuine content.

A player manufacturer 230, which manufactures players for playingcontent in storage devices, may also receive the ID decoder 213determined by the license authority 210 and convert decrypted codeparameters and a modified (noise-added) EMID into the original ID. Theplayer manufacturer 230 manufactures player devices having functions forperforming these receiving and converting operations. The manufacturedcontent player devices may authenticate physical identifiers of storagedevices and play content recorded in genuine storage devices using theauthentication method proposed by the present invention.

An NVM manufacturer 240, which manufactures storage devices, may receivethe EMID generator 212 determined by the license authority 210. Whenmanufacturing storage devices, the NVM manufacturer 240 generates EMIDs,or encoded IDs, using the EMID generator 212, and inserts the EMIDs inthe storage devices using programming equipment 242 such that the EMIDsmay be recorded only once in a specific area of the storage devicesduring manufacture. Thereby, the NVM manufacturer 240 manufacturesstorage devices that each includes a specific area in which an EMID anda signature-on-ID and encrypted code parameters are recorded.

FIG. 3 illustrates a configuration of an authentication system forauthentication of a storage device according to an embodiment of thepresent invention.

Referring to FIG. 3, a storage device 310 according to an embodiment ofthe present invention may be a storage medium such as a flash memory.

The storage device 310 includes a controller 316 for controllinginput/output and read/write of the storage device 310, and a NVM memoryarea 311, such as a NAND flash memory area for storing data. The NVMmemory area 311 includes an arbitrarily defined EMID area 312 forstoring an EMID.

The EMID area 312 includes a type-1 area and a type-2 area. The type-1area is an area used in the NVM memory area 311, where reading andwriting, by a host device or the controller 316 for performing recordingor playing of a storage device, are prevented after a process for thestorage device is completed. The type-2 area is an area that the hostdevice, such as a recording device or a playing device, may read inresponse to a read command from the storage device 310.

The EMID encoder 318 includes an EMID converter 314 for performing EMIDconversion operation and a black box 313 for generating random errorsused to perform the EMID conversion operation. The EMID converter 314generates noises by modifying an EMID value through a preset operationwith random values (i.e., random errors) generated by the black box 313,unique information of the NVM memory area 311, which is included in thetype-1 area of the EMID area 312, and a value for the EMID conversionoperation, which is received from the host device in advance.

The black box 313 may include specific seed information that the EMIDconverter 314 uses for the EMID conversion operation, or may generateseed information at random using a specific additional circuit. Inaddition, when using elements generated in the system, the black box 313may dynamically generate seed information.

An EMID generator 320 generates an EMID 309 by encoding a value selectedas an ID using a preset encoding scheme.

An EMID decoder 330 receives at least one noise-added EMID 315 anddecodes it into its original EMID.

Upon extracting a physical identifier or an EMID 309 inserted in theEMID area 312, EMID encoder 318 generates noise in the EMID. This EMIDencoder 318 may include at least one of a random number generator and ascrambler. The EMID encoder 318 generates a noise-added EMIDs 315.

During recording or playing of the storage device 310, the controller316 delivers the noise-added EMIDs 315 to the EMID decoder 330 of thedevice in response to an EMID request 317 from a recording or playingdevice. In other words, the controller 316 receives a request for EMIDinformation from a recording device for recording content in the storagedevice 310 and/or from a player device for playing content stored in thestorage device 310, and delivers noise-added EMID information to therecording device or the player device in response to the request.

Upon receiving, from the recording or playing device, a commandrequesting an EMID of the storage device 310, the controller 316delivers a command to read the EMID area 312 of the storage device 310to the NVM memory area 311. In response to the command, the NVM memoryarea 311 adds noise in the EMID 309 read from the EMID area 312 inaccordance with at least one of noise generation/insertion schemesproposed by the present invention, and delivers the noise-added EMID 315to the recording or playing device through the controller 316. As aresult, in accordance with an embodiment of the present invention, anexternal device outside the NVM memory area 311, for example, thecontroller 316, cannot directly access the value stored in the EMID area312.

According to an embodiment of the present invention, the storage device310 includes the EMID encoder 318 for generating noise-added EMIDinformation by generating random errors in EMID information.

FIG. 4 schematically illustrates a noise generation scheme for a storagedevice according to an embodiment of the present invention. A firstmethod (“Method 1” in FIG. 3) for inserting noise in an EMID is anexample of a method that includes changing a margin voltage used in aread operation of the NVM memory area 311. As illustrated in FIG. 4, theoriginal EMID value 309 may be read when the EMID area 312 is readaccording to the normal read verification margin, whereas errors mayoccur at random if the read verification margin is expanded to aspecific range. In the present invention, a noise-added EMID may begenerated by expanding the read verification margin to a specific range.Multiple noise-added EMIDs EMID_(—)1, EMID_(—)2, . . . , and EMID_N maybe generated by reading the EMID over the specific range several times.

An external device, such as the controller 316, is not configured tocontrol this operation, and is set to allow the NVM memory area 311 tochange the read verification margin only for the EMID area 312.

A second method (Method 2 in FIG. 3) for inserting noise in an EMIDvalue is an example of a method that includes providing separatecircuits for generating random errors in an EMID 309. According to anembodiment of the present invention, the noise generator 314 and theseed 313 are configured based on technology for generating randomerrors, such as Liner Feedback Shift Register (LFSR) and Pseudo RandomNumber Generator (PRNG). In this method, if a value of the EMID area 312is requested by the controller 316, the EMID encoder 318 outputs an EMIDvalue inserted in the EMID area 312, and the noise-added EMID 315, inwhich noises are inserted using the value generated in the black box313. The EMID converter 314 may be designed based on technology forgenerating random errors, such as LFSR and PRNG. A seed value may bedynamically determined as system information.

The EMID 309, which is recorded in a specific area of the storagedevice, is converted into multiple EMIDs 315, in which noises areincluded by the EMID encoder 318 at the request of the content recordingor playing device. During EMID extraction, an operation according to anembodiment of the present invention may repeatedly perform the processof generating multiple noise-added EMIDs. In this case, the process ofgenerating multiple noise-added EMIDs at once by the EMID encoder 318may be defined as a round. In accordance with an embodiment of thepresent invention, the recording or playing device (not shown) requestsan EMID from the storage device 310 several times, and then, the storagedevice 310 generates EMIDs of a related round using the EMID encoder 318at each request (i.e., in each round), and transmits the generated EMIDsto the recording or playing device.

FIG. 5 illustrates a structure of a non-volatile storage mediumaccording to an embodiment of the present invention.

Referring to FIG. 5, a non-volatile storage medium (or NVM memory area)311 includes an arbitrarily defined EMID area 312 for storing an EMID, aEMID encoder 318 including an EMID converter 314 for converting an EMIDby generating noise in the EMID, and a black box 313 for generating arandom error value used for EMID conversion.

Upon extracting a physical identifier or an EMID inserted in the EMIDarea 312, the EMID encoder 318 inserts noise in the extracted physicalidentifier or EMID. The EMID encoder 318 generates multiple noise-addedEMIDs 315 including random errors generated by the EMID encoder 314. Inaccordance with the preset invention, to prevent cloning of storagedevices, an external device outside the NVM memory area 311, forexample, the controller 316 may not directly access the value stored inthe EMID area 312.

FIG. 6 illustrates an operation of a storage device duringauthentication of the storage device according to an embodiment of thepresent invention.

Referring to FIG. 6, the storage device 310 receives a request forreading an EMID from a recording or playing device in step 610.Specifically, the storage device 310 receives the request for reading anEMID from the recording or playing device through the controller 316,and forwards the EMID to the NVM memory area 311.

In step 620, the NVM memory area 311 reads an EMID 309 from the EMIDarea 312, and inserts noise in the EMID using any one of Method 1 ofchanging a read verification margin in a read operation and Method 2 ofusing the EMID encoder 318, such as described with reference to FIG. 3,thereby generating multiple noise-added EMIDs 315.

In step 630, the NVM memory area 311 delivers the multiple noise-addedEMIDs generated in step 620, to the recording or playing device throughthe controller 316.

As is apparent from the foregoing description, embodiments of thepresent invention take advantage of physical properties of a definedarea of a non-volatile memory, and provide an apparatus that includes amechanism for generating noise inside the storage device, making itpossible to dynamically process system information upon extractinginformation about the defined area. Embodiments of the present inventionmay provide a storage medium that is robust against indirect (e.g.,“man-in-the middle”) attacks by a controller assembled in a non-volatilememory.

While the present invention has been shown and described with referenceto certain embodiments thereof, it will be understood by those skilledin the art that various changes in form and details may be made thereinwithout departing from the spirit and scope of the invention as definedby the appended claims and their equivalents.

What is claimed is:
 1. A memory device comprising: an Enhanced MediaIdentifier (EMID) area including a data element uniquely identifying thememory device; and an EMID encoder configured to: read the data elementfrom the EMID area; encode the data element using at least one valuereceived from a host device; and send authentication informationincluding the encoded data element to the host device, wherein the EMIDarea includes a first area in which reading by the host device isprevented, and further includes a second area in which reading by thehost device is permitted.
 2. The memory device of claim 1, wherein theEMID encoder encodes the data element using a random number and thereceived at least one value.
 3. A method for authenticating a memorydevice comprising: reading a data element uniquely identifying thememory device from an Enhanced Media Identifier (EMID) area; encodingthe data element using at least value received from a host device; andsending authentication information including the encoded data element tothe host device, wherein the data element is stored in a first area ofthe EMID area in which reading by the host device is prevented, and theEMID area further includes a second area in which reading by the hostdevice is permitted.
 4. The method of claim 3, wherein the at least onevalue includes a random number.
 5. The method of claim 4, wherein thedata element is read from the first area.
 6. A method for authenticatinga memory device by a host device, the method comprising: sending, to thememory device, at least one value required for encoding a data elementuniquely identifying the memory device; and receiving authenticationinformation from the memory device, wherein the authenticationinformation includes the encoded data element, and wherein the memorydevice includes Enhanced Media Identifier (EMID) area, the EMID areaincluding a first area in which reading by the host device is prevented,and further including a second area in which reading by the host deviceis permitted.
 7. The method of claim 6, wherein the at least one valuerequired for encoding the data element includes a random number.
 8. Themethod of claim 7, wherein the data element is stored in the first area.9. A host device for authenticating a memory device, the host devicecomprising: a decoder configured to: send, to the memory device at leastone value required for encoding a data element uniquely identifying thememory device; and receive authentication information from the memorydevice, wherein the authentication information includes the encoded dataelement, and wherein the memory device includes Enhanced MediaIdentifier (EMID) area, the EMID area including a first area in whichreading by the host device is prevented, and further including a secondarea in which reading by the host device is permitted.
 10. The hostdevice of claim 9, wherein the data element is encoded using a randomnumber and the at least one value.
 11. The host device of claim 10,wherein the data element is stored in the first area.